Banking

Bank Negara fines Bank Rakyat RM1mil for cybersecurity, customer information protection breaches

KUALA LUMPUR: Bank Negara Malaysia (BNM) has imposed an administrative monetary penalty (AMP) of RM1 million on Bank Kerjasama Rakyat Malaysia Bhd (Bank Rakyat) for cybersecurity and customer information protection breaches on Jan 20, 2026.

The central bank said Bank Rakyat failed to implement robust cybersecurity standards as required under the risk management in technology policy document (RMiT PD).

It said Bank Rakyat also failed to safeguard customer information through adequate controls as required under the management of customer information and permitted disclosures policy document (MCIPD PD).

"BNM discovered that Bank Rakyat had breached several requirements under the RMiT PD and MCIPD PD following a cybersecurity incident in which an external threat actor gained unauthorised access to its information technology (IT) infrastructure.

"These breaches were attributed to inadequate cybersecurity controls and incident response,” it said on its website.

BNM said Bank Rakyat has taken remedial measures to strengthen its cybersecurity and information and communication technology (ICT) controls, resources and governance arrangements.

In deciding the AMP to be imposed, relevant aggravating and mitigating factors have been considered, the central bank said.

"These include the severity of the breaches and Bank Rakyat’s lack of reasonable care in ensuring compliance with the RMiT PD and MCIPD PD requirements; current controls to ensure compliance with the requirements; past compliance record; and post-misconduct behaviour and the effectiveness of remedial actions to prevent the recurrence of non-compliances,” it said.

Bank Rakyat paid RM1 million for the AMP on Jan 26, 2026.

BNM said it requires all financial institutions (FIs) to comply with the RMiT PD and MCIPD PD.

"BNM will not hesitate to take appropriate supervisory and enforcement actions should any FI fail to meet legal and/or regulatory requirements.

"The enforcement action taken against Bank Rakyat is in line with the approach and processes outlined in BNM’s published Enforcement Approach,” said the central bank. - Bernama

Follow us on our official WhatsApp channel for breaking news alerts and key updates!
BNM , Bank Negara , monetary penalty , Bank Kerjasama Rakyat Malaysia , cybersecurity breaches , risk management

Next In Business News
Pos Malaysia narrows 1Q loss on improved postal and aviation contributions
WCT unit bags RM152.68mil construction job in Taiwan
TNB launches Malaysia's first battery energy storage system connected to national grid
GX Bank, CGC Digital to offer credit access up to RM150,0000 to MSMEs
Shell Malaysia to expand its Westport fuels terminal
Bursa Malaysia stays lower at midday following lack of progress at Trump-Xi summit
L&G launches Damansara Laverra development with RM752mil GDV
Censof unit to develop Islamic accounting system for FT Islamic council
Affin Bank records higher 1Q net profit of RM135.5mil
Local institutions extend buying streak on Bursa Malaysia

Trending in Business

Others Also Read

Load more

Copyright © 1995- Star Media Group Berhad [197101000523 (10894-D)]

Best viewed on Chrome browsers.